vnc: KDE Plasma desktop, local image build via systemd

Replace openbox with kde-plasma-desktop + konsole. Build the container
image locally via a oneshot systemd service (build-vnc-image) that runs
before arion-vnc-desktop on each boot. Nix hashes the Dockerfile and
start.sh at eval time so the build is skipped when nothing changed.
No registry push/pull required.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Philip Peterson 2026-05-25 19:14:53 -08:00
parent 24d6d22961
commit 25b13b47e5
3 changed files with 33 additions and 5 deletions

View file

@ -116,6 +116,35 @@ in {
systemd.services.arion-riverside.environment.DOCKER_HOST = "unix:///run/podman/podman.sock";
systemd.services.arion-vnc-desktop.environment.DOCKER_HOST = "unix:///run/podman/podman.sock";
# Build the VNC desktop image locally from the Dockerfile — no registry push/pull needed.
# Nix copies the build context into the store; the hash changes when Dockerfile or
# start.sh change, triggering a rebuild on the next nixos-rebuild switch.
systemd.services.build-vnc-image = {
description = "Build VNC desktop container image from Dockerfile";
wantedBy = [ "arion-vnc-desktop.service" ];
before = [ "arion-vnc-desktop.service" ];
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
ExecStart = pkgs.writeShellScript "build-vnc-image" ''
STAMP=/var/lib/build-vnc-image/context-hash
EXPECTED="${builtins.hashString "sha256"
(builtins.readFile ./vnc-desktop/Dockerfile +
builtins.readFile ./vnc-desktop/start.sh)}"
if [ -f "$STAMP" ] && [ "$(cat "$STAMP")" = "$EXPECTED" ]; then
echo "VNC image is up to date, skipping build"
exit 0
fi
echo "Building VNC desktop image..."
${pkgs.podman}/bin/podman build \
-t forge.quinefoundation.com/ironmagma/vnc-desktop:latest \
${./vnc-desktop}
mkdir -p "$(dirname "$STAMP")"
echo "$EXPECTED" > "$STAMP"
'';
};
};
services.gitea-actions-runner.instances."ubuntu" = {
enable = true;
name = "ubuntu";

View file

@ -7,8 +7,8 @@ RUN apt-get update && apt-get install -y \
tigervnc-common \
novnc \
python3-websockify \
openbox \
xterm \
kde-plasma-desktop \
konsole \
x11-utils \
xfonts-base \
dbus-x11 \

View file

@ -21,9 +21,8 @@ Xvnc :1 \
export DISPLAY=:1
sleep 2
# Start window manager and initial terminal
openbox-session &
xterm &
# Start KDE Plasma session
dbus-run-session -- startplasma-x11 &
# Serve noVNC web UI + bridge WebSocket -> VNC
exec websockify --web /usr/share/novnc 6080 localhost:5901